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DETAILED ACTION 

1 . Currently pending claims are 55 - 74. 

Response to Arguments 

2. Applicant's arguments with respect to instant claims have been fully considered but are 
moot in view of the new ground(s) of rejection necessitated by Applicant's amendment. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraph of 35 U.S.C. 102 that forms the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another 
filed in the United States before the invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the invention by the applicant for patent, 
except that an international application filed under the treaty defined in section 351(a) shall have the effects 
for purposes of this subsection of an application filed in the United States only if the international application 
designated the United States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 55 - 60, 62, 63, 65 - 68 and 70 - 73 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Cheng et al. (U.S. Patent 6,823,462). 

As per claim 55, 65 and 70, Cheng teaches method comprising: 
populating an access control list with a destination user group identifier, wherein said 
destination user group identifier identifies a destination user group of a destination (Cheng: 
Column 5 Line 31 - 38 and Column 6 Line 63 - 65: the group / category rules-based database 
is qualified as an access control list with a destination group name / ID that requires a common 
security policy with the source nodes to allow the data flows between the nodes), 
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said access control list comprises a source user group field configured to store a source 
user group identifier and a destination user group field configured to store a destination user 
group identifier, said source user group comprises a plurality of source network devices, said 
destination user group comprises a plurality of destination network devices (Cheng: Column 5 
Line 36 - 38 and Column 6 Line 2 - 6 & Figure 5: the local ID is considered as the source group 
ID and the remote ID is interpreted as the destination group ID), and 

said access control list is configured to allow said source user group identifier 
and said destination user group identifier to be compared (Cheng: Column 6 Line 63 - 65: only 
those source / destination group identifiers that match the same traffic profile policies are 
allowed to flow between the nodes). 

As per claim 56, Cheng teaches said destination user group is assigned to said 
destination based on a role of said destination (Cheng: Column 7 Line 26 - 30: with respect to 
"security" role). 

As per claim 57, Cheng teaches said populating is performed by a network device and 
comprises sending a request to another network device, and receiving a response from said 
another network device, wherein said response includes said destination user group identifier, 
and said destination user group identifier identifies said destination user group (Cheng: Column 
7 Line 35 - 40 and Column 8 Line 5 - 6). 

As per claim 58, 66 and 71 , Cheng teaches comparing a user group of a packet with 
said destination user group (Cheng: Column 6 Line 63 - 65: only those source / destination 
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group identifiers that match the same traffic profile policies are allowed to flow between the 
nodes). 

As per claim 59, 67 and 72, Cheng teaches said user group of said packet is a source 
user group, said destination user group is a user group of a destination of said packet, and said 
destination is said destination of said packet (Cheng: Column 5 Line 36 - 38 and Column 6 Line 
2 - 6 & Figure 5: the local ID is considered as the source group ID and the remote ID is 
interpreted as the destination group ID that associates with a packet). 

As per claim 60, Cheng teaches said source user group is assigned to a source of said 
packet based on a role of said source (Cheng: Column 7 Line 26 - 30: with respect to "security" 
role). 

As per claim 62, 68 and 73, Cheng teaches determining said source user group; and 
determining said destination user group by looking up said destination user group in an access 
control list (Cheng: Column 5 Line 31 - 38 and Column 6 Line 63 - 65: the look-up table is 
considered as the group / category rules-based database, which is qualified as an access 
control list with a destination group name / ID that requires a common security policy with the 
source nodes to allow the data flows between the nodes). 

As per claim 63, Cheng teaches said access control list is a role-based access control 
list (Cheng: Column 7 Line 26 - 30: i.e., "security" role based). 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

4. Claims 61 , 64, 69 and 74 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Cheng et al. (U.S. Patent 6,823,462), in view of Li (U.S. Patent 6,71 1,172). 

As per claim 61, Cheng teaches said destination user group is indicated by a destination 
user group and said source user group is indicated by a source user group identifier (Cheng: 
Column 5 Line 31 - 38 and Column 6 Line 63 - 65). However, Cheng does not teach a source 
user group identifier stored in said packet. 

Li teaches a source user group identifier stored in said packet (Li: Column 4 Line 8-13: 
a pair of group / source address on the packet is used to route the packet). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Li within the system of Cheng because (a) 
Cheng teaches a means to identify a source user group by using a look-up table to match a 
source address with a source group identifier at a proxy-server network device (Cheng: Column 
5 Line 31 - 38 and Column 6 Line 63 - 65) and (b) Li teaches proposing a more efficient 
method routing the packet from a source to group members by encoding a pair of group / 
source address directly on the packet (Li: Column 3 Line 34 - 42 / Line 20 - 23 / Line 1 - 4 and 
Column 4 Line 8-13). 
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As per claim 64, 69 and 74, Cheng teaches said source user group identifier identifies 
said source user group (Cheng: Column 5 Line 31 - 38 and Column 6 Line 63 - 65). However, 
Cheng does not teach extracting a source user group identifier from said packet. 

Li teaches extracting a source user group identifier from said packet (Li: Column 4 Line 8 
- 13: a pair of group / source address on the packet is used to route the packet and thereby, a 
source user group identifier can thus be extracted from the packet accordingly). See same 
rationale of combination applied herein as above in rejecting the claim 61. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant 
is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Longbit Chai whose telephone number is 571-272-3788. The examiner 
can normally be reached on Monday-Friday 9:00am-5:00pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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